diff --git a/ag/clan/add.php b/ag/clan/add.php index 2c14fc7..55d3237 100644 --- a/ag/clan/add.php +++ b/ag/clan/add.php @@ -9,6 +9,7 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/config.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/fehlerausgabe.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/designfunctions.inc.php'); include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/parse.inc.php'); +include_once ($_SERVER['DOCUMENT_ROOT'] . 'ag/include/clan.inc.php'); // GET-Section // Kritisch (SQL-Injections) @@ -26,10 +27,11 @@ function joinClan($user, $clanid){ $clan_user = mysql_fetch_assoc(mysql_query($sql)); if($clan_user){ - $sql = 'Select *, (Select member - count(*) from user u where clan = c.id and ((c.leader is null || c.leader != u.id) and (c.co_leader is null || c.co_leader != u.id))) as freeslots from clan c where id = '.$clanid; -// echo $sql . '
'; - $clan = mysql_fetch_assoc(mysql_query($sql)); - if($clan['freeslots'] <= 0){ + $clan = getClan($clanid); + $members = getClanMembersCount($clanid); + $members_max = getMaximumMembers($clan['id']); + + if($members >= $members_max){ displayErrorMessage(NULL,'Konnte die Einladung des Clans nicht annehmen (Clan voll)!',displayHistoryBackLink()); return; } else{ diff --git a/ag/clan/clan_info.php b/ag/clan/clan_info.php index 8792e65..efd7dcd 100644 --- a/ag/clan/clan_info.php +++ b/ag/clan/clan_info.php @@ -40,17 +40,24 @@ if($clan_id == NULL){ } } + if(isset($_GET['value1'])) { - if($what == 'Banner'){ - $value1 = validateURL($_GET['value1']); - } else if($what == 'Homepage' || $what == 'Info' || $what == 'Clan Passwort'){ - $value1 = validateString($_GET['value1']); - } else if($what == 'Clanzeichen'){ - $value1 = validateString($_GET['value1']); - $value2 = validateString($_GET['value2']); - } else if($what == 'Leadership') { - $value1 = validateUnsignedInteger($_GET['value1'], NULL); - $value2 = validateUnsignedInteger($_GET['value2'], NULL); + switch($what) { + case 'Banner': + case 'Homepage': + $value1 = validateURL($_GET['value1']); + break; + case 'Info': + $value1 = encodeNoHTMLWithBB($_GET['value1']); + break; + case 'Clanzeichen': + $value1 = validateString($_GET['value1']); + $value2 = validateString($_GET['value2']); + break; + case 'Leadership': + $value1 = validateUnsignedInteger($_GET['value1'], NULL); + $value2 = validateUnsignedInteger($_GET['value2'], NULL); + break; } } @@ -100,7 +107,7 @@ function displayClanProfileReadOnly($clan, $ownclan, $userid){ } ?> - Leader: + Leader: - Co-Leader: + Co-Leader: '.$coleader.''; 
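Review bot: `getClan($clanid)` returns NULL for an unknown or non-numeric id, and the new code in `joinClan` then indexes `$clan['id']` without a check. The request is only rejected because `getMaximumMembers` returns 0 in that case, so the user is told the clan is full. Add `if($clan === NULL) { ... return; }` with its own error message before the count, and pass `$clanid` to `getMaximumMembers` directly. The member count and the join that follows (outside this hunk) are separate queries, so two invitations accepted at the same moment could presumably both pass the limit check; re-checking the count in the UPDATE's WHERE clause would close that gap.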
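Review bot: `case 'Info'` now hands `$_GET['value1']` to `encodeNoHTMLWithBB` instead of `validateString`, and nothing in this hunk shows that the encoder also makes the value safe for the SQL that `setProfile` builds. If that query is assembled by string concatenation like the others in this diff, escape at the query itself, e.g. `mysql_real_escape_string($value1)`, and keep the encoder for HTML output only. The `Clanzeichen` and `Leadership` cases read `$_GET['value2']` without an `isset` check, and the `switch` has no `default`, so an unknown `$what` leaves `$value1` unset. A short comment stating which validator each field relies on would make that intent explicit.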
@@ -122,11 +129,11 @@ function displayClanProfileReadOnly($clan, $ownclan, $userid){ ?> - Clanzeichen: + Clanzeichen: - Member (): + Member (): ',$member); ?> Eingeladen - + ', $invited); ?> - Level: + Level: + + Erfahrung: + + Homepage: '.$clan['homepage'].''; + echo ''.$clan['homepage'].''; } else{ - echo 'Keine'; + echo 'Keine'; } ?> @@ -186,6 +197,8 @@ function displayClanProfileReadOnly($clan, $ownclan, $userid){ + Debug Daten (Kein Bug, dass die naechste Zeile etwas komisch aussieht) + @@ -241,37 +254,41 @@ function displayClanProfileEditable($clan, $userid){ - Leader:Leader:(edit) - Co-Leader:Co-Leader:(edit) - Clanzeichen:Clanzeichen:(edit) - Member (): - ',$member); ?> - + Member (): + ',$member); ?> + Eingeladen - + ', $invited); ?> - Level: + Level: + + Erfahrung: + + - Homepage:Homepage:(edit) '; mysql_query($sql); } - return; + return NULL; default: - echo 'Error!'; - return; + return 'Error!'; } } -function displayEdit($what, $clanid, $root){ - $clan_qry = mysql_query('Select * from clan where id = '.$clanid); - $clan = mysql_fetch_assoc($clan_qry); +function displayEdit($what, $clanid, $rootlvl){ + if($rootlvl < 1) { + $content = 'Du hast keine Rechte um diese Aktion auszuführen!'; + $what = 'ERROR'; + } + $clan = getCLan($clanid); $content = ''; switch($what){ @@ -427,10 +460,9 @@ function displayEdit($what, $clanid, $root){ $content .= 'Co-Leader:'; break; case 'Info': - $content = ''; + $content = ''; break; - case 'Clan Passwort': - $content = ''; + case 'ERROR': break; default: $content = 'Error '.$what.' unknown!'; 
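Review bot: The added `Debug Daten` row sits in `displayClanProfileReadOnly`, which by its name is the view for users without edit rights, and nothing visible restricts it to developers. The expression it prints was stripped from this page; if it dumps the `$clan` row, and that row comes from a `SELECT *` such as the one in `getClan`, every column of the clan table would be shown to any viewer. Remove the row before release or gate it behind an explicit debug flag.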
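Review bot: The permission message set in the new `$rootlvl < 1` guard of `displayEdit` never reaches the user, because `$content = '';` two lines later clears it and `case 'ERROR': break;` adds nothing. Move the `$content = '';` initialisation above the guard so the text survives. `displayEdit` only renders the form, so the same `$rootlvl` test has to be enforced where the value is written in `setProfile`; that code is not readable on this page. The hunk header for this part of clan_info.php was lost in extraction, so the function's start is inferred from the `-function`/`+function` lines.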
@@ -491,47 +523,26 @@ function deleteClan($user){ +if($action !== NULL) { // this is done to not require to reprogramm the whole stuff! -//if($edit == 1){ -// $row = mysql_fetch_assoc(mysql_query('SELECT leader, co_leader from clan where id = '.$user_ida['clan'])); -// if($row['leader'] != $user_ida['id'] && $row['co_leader'] != $user_ida['id']){ -// displayErrorMessage(NULL, 'Du bist weder Leader noch Co-Leader des Clans!', displayHistoryBackLink()); -// } else if(isset($value1)){ -// setProfile($what, $value1, $value2, $user_ida['clan'], $row['leader'] == $user_ida['id'] || $row['leader'] === null); -// } else{ -// displayEdit($what, $user_ida['clan'],$row['leader'] == $user_ida['id'] || $row['leader'] === null); -// $displayMore = false; -// } -//} else if($putsch == 1){ -// setMeAsLeader($user_ida); -//} else if($fire == 1){ -// fireMember($user_ida, $member); -//} else if($kill == 1){ -// deleteClan($user_ida); -//} else if($reject == 1) { -// $errorMsg = revokeInvitation($user_ida, $member); -// if($errorMsg !== NULL) { -// echo displayErrorMessage(NULL, $errorMsg, displayHistoryBackLink()); -// $displayMore = false; -// } else { -// displayErrorMessage('','Du hast die Einladung erfolgreich zurückgezogen!', 'weiter'); -// $displayMore = false; -// } -//} - + $rootlvl = 0; + if($row['leader'] == $user_ida['id'] || ($row['leader'] === null && ($row['co_leader'] === null || $row['co_leader'] = $user_ida['id']))) { + $rootlvl = 2; // leader or putsch!! + } else if($row['co_leader'] = $user_ida['id']) { + $rootlvl = 1; // co_leader + } -if($action !== NULL) { // this is done to not require to reprogramm the whole stuff! 
switch ($action) { case 'edit': $row = mysql_fetch_assoc(mysql_query('SELECT leader, co_leader from clan where id = '.$user_ida['clan'])); if($row['leader'] != $user_ida['id'] && $row['co_leader'] != $user_ida['id']){ displayErrorMessage(NULL, 'Du bist weder Leader noch Co-Leader des Clans!', displayHistoryBackLink()); } else if(isset($value1)){ - setProfile($what, $value1, $value2, $user_ida['clan'], $row['leader'] == $user_ida['id'] || $row['leader'] === null); + setProfile($what, $value1, $value2, $user_ida['clan'], $rootlvl); } else{ - displayEdit($what, $user_ida['clan'],$row['leader'] == $user_ida['id'] || $row['leader'] === null); + displayEdit($what, $user_ida['clan'], $rootlvl); $displayMore = false; } break; @@ -570,4 +581,4 @@ if($action !== NULL) { // this is done to not require to reprogramm the whole st if($displayMore){ displayClanProfile($clan_id, $user_ida); } -?> \ No newline at end of file +?> diff --git a/ag/clan/spende.php b/ag/clan/spende.php index 39b6d0f..90c153e 100644 --- a/ag/clan/spende.php +++ b/ag/clan/spende.php @@ -1,285 +1,285 @@ -weiter...'); - exit; - } - displayErrorMessage(NULL,'
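Review bot: `$rootlvl` is computed from `$row` before the `SELECT leader, co_leader` query that fills it, which in this hunk still runs only inside `case 'edit'`; unless `$row` is set earlier in the file (not visible here), both null checks succeed and every caller gets `$rootlvl = 2`. The two `$row['co_leader'] = $user_ida['id']` expressions are also assignments, not comparisons, so they are true for any non-zero user id and overwrite the fetched value. Move the query above the `$rootlvl` block and write both tests as `$row['co_leader'] == $user_ida['id']`. The `edit` branch keeps its own leader/co-leader check, so the exposure depends on how `setProfile` and the other actions use `$rootlvl`, which lies outside this hunk.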

Willst du wirklich "'.$clan_geld.' ¥" an deinen Clan spenden ?

Ja | Nein

',''); - exit; -} elseif($charm == 2) { +weiter...'); + exit; + } + displayErrorMessage(NULL,'

Willst du wirklich "'.$clan_geld.' ¥" an deinen Clan spenden ?

Ja | Nein

',''); + exit; +} elseif($charm == 2) { // Um Pufferueberlaeufe zu vermeiden, einfach die Laenge der Zeichenkette abfragen, ab der 8ten stelle also uerbe 99 Mio geht nicht aufeinmal! if(strlen($clan_geld)>8) { mysql_query("INSERT INTO cheater values('$user_ida[id]','Versuchte mehr als 99.999.999 aufeinmal zu Spenden! (Eingabe:".$clan_geld.")',now())"); - displayErrorMessage(NULL,'Es kann nicht mehr als 99.999.999 aufeinmal gespendet werden!', 'weiter...'); + displayErrorMessage(NULL,'Es kann nicht mehr als 99.999.999 aufeinmal gespendet werden!', 'weiter...'); exit; } - -if($clan_geld <= 0) { + +if($clan_geld <= 0) { mysql_query("INSERT INTO cheater values('$user_ida[id]','Versuchte mehr weniger als 0 zu Spenden! (Eingabe:".$clan_geld.")',now())"); - displayErrorMessage(NULL,'Geld darf nicht unter 0 sein!', 'weiter...'); - exit; + displayErrorMessage(NULL,'Geld darf nicht unter 0 sein!', 'weiter...'); + exit; } // Damit das minus nicht ausgenutzt wird!! $auktionensumme = mysql_fetch_assoc(mysql_query('SELECT SUM(aktuellesgebot) as summe FROM auktion WHERE bieter = '.$user_ida[id].' GROUP BY bieter')); $auktionensumme = $auktionensumme['summe']; - -if($clan_geld+$auktionensumme>$user['geld']) { - displayErrorMessage(NULL,'Sie haben nicht genug Geld.', 'weiter...'); - exit; + +if($clan_geld+$auktionensumme>$user['geld']) { + displayErrorMessage(NULL,'Sie haben nicht genug Geld.', 'weiter...'); + exit; +} + +mysql_query("UPDATE clan SET geld=geld+'$clan_geld' WHERE id='$user_ida[clan]'"); +mysql_query('Update user SET geld=geld-'.$clan_geld.' WHERE id='.$user_ida['id']); +mysql_query('UPDATE user_clan SET spende = spende + '.$clan_geld.' WHERE clanid = '.$user_ida['clan'].' 
and userid = '.$user_ida['id']); + +if(mysql_affected_rows() == 0){ + mysql_query('INSERT INTO user_clan(spende,clanid,userid) values('.$clan_geld.','.$user_ida['clan'].','.$user_ida['id'].')'); +} +//mysql_query("UPDATE user SET geld=geld-'$_GET[clan_geld]', clan_geld=clan_geld+'$_GET[clan_geld]' WHERE id='$user_ida[id]'"); + +displayErrorMessage(NULL,'An Clan Erfolgreich Gespendet', 'weiter...'); +exit; +} +?> + + - - -'; -$qry = mysql_query($sql); -$clanraum = array(); -$clanraum_a = array(); -while($row = mysql_fetch_assoc($qry)){ - $clanraum[$row['id']] = $row; -// print_r($row); - $clanraum_a[] = $row; -} -$raumanzahl = count($clanraum_a); -//echo 'Raumanzahl = '.$raumanzahl.'
'; -$sql = 'SELECT chars.clan_train, count(chars.id) as anzahl from chars inner join user on chars.besitzer = user.id where user.clan = '.$user_ida['clan'].' and chars.clan_train != 0 group by chars.clan_train'; -//echo $sql.'
'; -$qry = mysql_query($sql); - -$clanrauminfo = array(); -while($row = mysql_fetch_assoc($qry)){ - $clanrauminfo[$row['clan_train']] = $row; -} - -//print_r($clanrauminfo); - -$sql = 'select clan_ware.id as clan_warenid, user.id as userid, count(chars.id) as anzahl, clan.id as clanid from clan inner join clan_ware on clan.id = clan_ware.clan inner join clan_item on clan_item.id = clan_ware.item_id inner join user on clan.id = user.clan left join chars on user.id = chars.besitzer and clan_ware.id = chars.clan_train where clan.id = '.$user_ida['clan'].' group by userid, clan_warenid order by userid, clan_warenid'; -//echo $sql.'
'; -$qry = mysql_query($sql); - -$user_raum = array(); -// Anzahl der Chars pro Raum pro User -while($row = mysql_fetch_assoc($qry)){ - $user_raum[$row['userid']][$row['clan_warenid']] = $row; -} - -//print_r($user_raum); - -$clans_spend = mysql_query('SELECT spende, nickname, user.id as userid FROM user left join user_clan on user.id = user_clan.userid and user.clan = user_clan.clanid WHERE user.clan = '.$user_ida['clan'].' ORDER BY spende DESC'); -$member = mysql_num_rows($clans_spend); - -$sql = 'select besitzer, round(sum(1/(1+exp(3-level/12)) * nutzung)) as nutzkosten from user inner join chars on chars.besitzer = user.id inner join clan_ware on chars.clan_train = clan_ware.id inner join clan_item on clan_ware.item_id = clan_item.id where user.clan = clan_ware.clan and user.clan = '.$user_ida['clan'].' group by besitzer order by besitzer'; -//echo $sql.'
'; -$qry = mysql_query($sql); - -$user_nutz = array(); -while($row = mysql_fetch_assoc($qry)){ - $user_nutz[$row['besitzer']] = $row; -} - -//print_r($user_nutz); - -$clan_kosten = 0; -$clan_untersch = 0; - -for($i=0;$i<$raumanzahl;$i++){ - $clan_kosten += $clanraum_a[$i]['miete']*max($mindestchar, $clanrauminfo[$clanraum_a[$i]['id']]['anzahl']); - if($clanrauminfo[$clanraum_a[$i]['id']]['anzahl'] < $mindestchar){ - $clan_untersch += ($mindestchar - $clanrauminfo[$clanraum_a[$i]['id']]['anzahl']) * $clanraum_a[$i]['miete']; - } -} - -//echo 'Unterschuss: '.$clan_untersch.'
'; -$cols = 4; - -?> - - - - - - - - - - '.$clanraum_a[$i]['name'].''; - } - ?> - - - - - - - - - - -'.$user_raum[$row['userid']][$clanraum_a[$i]['id']]['anzahl'].''; - $costs += $user_raum[$row['userid']][$clanraum_a[$i]['id']]['anzahl']*$clanraum_a[$i]['miete']; - } - if($clan_untersch != 0){ - echo ''; - } else{ - echo ''; - } -// $checksumme += $costs + ($clan_untersch/$member); -?> - - - - - - - - - - '.$mindestchar.' ('.$clanrauminfo[$clanraum_a[$i]['id']]['anzahl'].')'; - }else{ - echo ''; - } - } - ?> - - -
Spender Liste
MemberSpendenMietgebührenNutzungsgebühren

'.displayMoney($costs + ($clan_untersch/$member)).' (incl. '.displayMoney($clan_untersch/$member).')'.displayMoney($costs).'

Member'.$clanrauminfo[$clanraum_a[$i]['id']]['anzahl'].'
-

- -
- - - - - - - - - - - - - - - - - - -
Clan Geld Spenden ()
Dein Geld -
Clan Geld + - - - -
 
+ +function stopp() +{ + clearInterval(aktiv); +} +--> + + + +'; +$qry = mysql_query($sql); +$clanraum = array(); +$clanraum_a = array(); +while($row = mysql_fetch_assoc($qry)){ + $clanraum[$row['id']] = $row; +// print_r($row); + $clanraum_a[] = $row; +} +$raumanzahl = count($clanraum_a); +//echo 'Raumanzahl = '.$raumanzahl.'
'; +$sql = 'SELECT chars.clan_train, count(chars.id) as anzahl from chars inner join user on chars.besitzer = user.id where user.clan = '.$user_ida['clan'].' and chars.clan_train != 0 group by chars.clan_train'; +//echo $sql.'
'; +$qry = mysql_query($sql); + +$clanrauminfo = array(); +while($row = mysql_fetch_assoc($qry)){ + $clanrauminfo[$row['clan_train']] = $row; +} + +//print_r($clanrauminfo); + +$sql = 'select clan_ware.id as clan_warenid, user.id as userid, count(chars.id) as anzahl, clan.id as clanid from clan inner join clan_ware on clan.id = clan_ware.clan inner join clan_item on clan_item.id = clan_ware.item_id inner join user on clan.id = user.clan left join chars on user.id = chars.besitzer and clan_ware.id = chars.clan_train where clan.id = '.$user_ida['clan'].' group by userid, clan_warenid order by userid, clan_warenid'; +//echo $sql.'
'; +$qry = mysql_query($sql); + +$user_raum = array(); +// Anzahl der Chars pro Raum pro User +while($row = mysql_fetch_assoc($qry)){ + $user_raum[$row['userid']][$row['clan_warenid']] = $row; +} + +//print_r($user_raum); + +$clans_spend = mysql_query('SELECT spende, nickname, user.id as userid FROM user left join user_clan on user.id = user_clan.userid and user.clan = user_clan.clanid WHERE user.clan = '.$user_ida['clan'].' ORDER BY spende DESC'); +$member = mysql_num_rows($clans_spend); + +$sql = 'select besitzer, round(sum(1/(1+exp(3-level/12)) * nutzung)) as nutzkosten from user inner join chars on chars.besitzer = user.id inner join clan_ware on chars.clan_train = clan_ware.id inner join clan_item on clan_ware.item_id = clan_item.id where user.clan = clan_ware.clan and user.clan = '.$user_ida['clan'].' group by besitzer order by besitzer'; +//echo $sql.'
'; +$qry = mysql_query($sql); + +$user_nutz = array(); +while($row = mysql_fetch_assoc($qry)){ + $user_nutz[$row['besitzer']] = $row; +} + +//print_r($user_nutz); + +$clan_kosten = 0; +$clan_untersch = 0; + +for($i=0;$i<$raumanzahl;$i++){ + $clan_kosten += $clanraum_a[$i]['miete']*max($mindestchar, $clanrauminfo[$clanraum_a[$i]['id']]['anzahl']); + if($clanrauminfo[$clanraum_a[$i]['id']]['anzahl'] < $mindestchar){ + $clan_untersch += ($mindestchar - $clanrauminfo[$clanraum_a[$i]['id']]['anzahl']) * $clanraum_a[$i]['miete']; + } +} + +//echo 'Unterschuss: '.$clan_untersch.'
'; +$cols = 4; + +?> + + + + + + + + + + '.$clanraum_a[$i]['name'].''; + } + ?> + + + + + + + + + + +'.$user_raum[$row['userid']][$clanraum_a[$i]['id']]['anzahl'].''; + $costs += $user_raum[$row['userid']][$clanraum_a[$i]['id']]['anzahl']*$clanraum_a[$i]['miete']; + } + if($clan_untersch != 0){ + echo ''; + } else{ + echo ''; + } +// $checksumme += $costs + ($clan_untersch/$member); +?> + + + + + + + + + + '.$mindestchar.' ('.$clanrauminfo[$clanraum_a[$i]['id']]['anzahl'].')'; + }else{ + echo ''; + } + } + ?> + + +
Spender Liste
MemberSpendenMietgebührenNutzungsgebühren

'.displayMoney($costs + ($clan_untersch/$member)).' (incl. '.displayMoney($clan_untersch/$member).')'.displayMoney($costs).'

Member'.$clanrauminfo[$clanraum_a[$i]['id']]['anzahl'].'
+

+ +
+ + + + + + + + + + + + + + + + + + +
Clan Geld Spenden ()
Dein Geld -
Clan Geld + + + + +
 
diff --git a/ag/include/clan.inc.php b/ag/include/clan.inc.php index d5e6045..d307ea6 100644 --- a/ag/include/clan.inc.php +++ b/ag/include/clan.inc.php 
@@ -6,6 +6,90 @@
 *
 */
+
+$GLOBALS['clan_buffered_instances'] = array ();
+
+
+function getClan($clanid, $buffer = TRUE) {
+ if(!is_numeric($clanid)) { return NULL; }
+ if(buffer && isset($GLOBALS['clan_buffered_instances'][$clanid])) {
+ return $GLOBALS['clan_buffered_instances'][$clanid]; // okay, we already buffered the clan :)
+ }
+
+ $clan = mysql_fetch_assoc(mysql_query('SELECT * FROM clan WHERE id = '. $clanid));
+
+ // now calculate the member, max_exp fields :D
+
+ if($clan) {
+ $GLOBALS['clan_buffered_instances'][$clanid] = $clan;
+ return $clan;
+ } else {
+ return NULL;
+ }
+}
+
+
+function getClanMembersCount($clanid) {
+ if(!is_numeric($clanid)) { return NULL; }
+ $row = mysql_fetch_assoc(mysql_query('SELECT count(id) as amount FROM user WHERE clan = '. $clanid));
+ return $row['amount'];
+}
+
+function getClanMemberBonusByLevel($level) {
+ switch($level) {
+ case 1:
+ case 2:
+ case 3:
+ return 0;
+ case 4:
+ case 5:
+ return 1;
+ case 6:
+ case 7:
+ return 2;
+ case 8:
+ case 9:
+ return 3;
+ case 10:
+ case 11:
+ return 4;
+ case 12:
+ case 13:
+ return 5;
+ case 14:
+ return 6;
+ case 15:
+ return 7;
+ case 16:
+ return 8;
+ case 17:
+ return 9;
+ default:
+ return 10;
+ }
+ }
+
+function getMaximumMembers($clanid) {
+ // okay, this is a more tricky calculation as this requires the information (are leader and co_leader the same person??)
+ // the second parameter is the clan level. 
Each 2 levels (where the maximum clan level is about 20) one more member can + // be invited :) + + $clan = getClan($clanid); + if($clan === NULL){ return 0; } + $base = 10; + $members_by_level = getClanMemberBonusByLevel($clan['level']); + $malus = 0; + if($clan['co_leader'] == NULL || $clan['co_leader'] == $clan['leader']) { + $malus = 1; + } + return $base + $members_by_level - $malus; +} + +function getRequiredClanExp($level) { + return pow(2, $level) * 10; +} + + function revokeInvitation($user, $userid, $clan = NULL){ if($user['clan'] === NULL) { return 'Du bist in keinem Clan!'; @@ -107,4 +191,4 @@ function acceptChallenge(array $user, array $charids) { } -?> \ No newline at end of file +?> diff --git a/ag/include/parse.inc.php b/ag/include/parse.inc.php index 1b1f5cf..a6589dd 100644 --- a/ag/include/parse.inc.php +++ b/ag/include/parse.inc.php @@ -51,6 +51,7 @@ function encodeNoHTMLnoBBAlBhed($msg){ return '[text='.$msg.']'.$result.'[/text]'; } + function decodeNoHTMLNoBBAlBhed($msg){ // Al Bhed: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z // Deutsch: E P S T I W K N U V G C L R Y B X H M D O F Z Q A J @@ -231,7 +232,8 @@ function debbcode($messagetext){ '#\(.*?)\#', '#\(.*?)#', '#\(.*?)#', - '#
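Review bot: In `getClan` the cache test reads `if(buffer && ...)` without the `$`, so it evaluates an undefined constant instead of the `$buffer` parameter: `getClan($id, FALSE)` still returns the cached row on older PHP, and PHP 8 raises an Error. It should read `if($buffer && isset($GLOBALS['clan_buffered_instances'][$clanid]))`. `is_numeric` is a loose guard for a value concatenated into SQL, since it also accepts floats, exponent notation and leading whitespace; `if(!ctype_digit((string)$clanid)) { return NULL; }` followed by `$clanid = (int)$clanid;` keeps only plain integers, and the same applies to `getClanMembersCount`. `getClanMemberBonusByLevel` falls through to `default: return 10;` for level 0 or NULL, which grants the largest bonus to a clan with no level; an explicit case for low levels would avoid that.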
#' + '#
#', + '#\[^\<]*\#' //'', //'' ) ; @@ -248,7 +250,8 @@ function debbcode($messagetext){ '[sup]\1[/sup]', '[color=#\1]\2[/color]', '[color=\1]\2[/color]', - "\n" + "\n", + '[albhed]\1[/albhed]' //'#\[img]([a-z]+?://){1}(.*?)\[/img]#', //'#\[img](.*?)\[/img\]#' ) ;